首页 > 代码库 > bWAPP--low--HTML Injection - Reflected (GET)

bWAPP--low--HTML Injection - Reflected (GET)

HTML Injection - Reflected (GET)

 

进入界面,

 

html标签注入

 

low级别没有保护

 1 function htmli($data)
 2 {
 3          
 4     switch($_COOKIE["security_level"])
 5     {
 6         
 7         case "0" : 
 8             
 9             $data = no_check($data);            
10             break;
11         
12         case "1" :
13             
14             $data = xss_check_1($data);
15             break;
16         
17         case "2" :            
18                        
19             $data = xss_check_3($data);            
20             break;
21         
22         default : 
23             
24             $data = no_check($data);            
25             break;;   
26 
27     }       
28 
29     return $data;
30 
31 }
32 
33  <label>Set your security level:</label><br />
34         
35         <select name="security_level">
36             
37             <option value="http://www.mamicode.com/0">low</option>
38             <option value="http://www.mamicode.com/1">medium</option>
39             <option value="http://www.mamicode.com/2">high</option> 
40             
41         </select>

 

 

技术分享

这是核心代码

 

 1 <div id="main">
 2     
 3     <h1>HTML Injection - Reflected (GET)</h1>
 4 
 5     <p>Enter your first and last name:</p>
 6 
 7     <form action="<?php echo($_SERVER["SCRIPT_NAME"]);?>" method="GET">
 8 
 9         <p><label for="firstname">First name:</label><br />
10         <input type="text" id="firstname" name="firstname"></p>         //first name 框
11  
12         <p><label for="lastname">Last name:</label><br />               //last name 框
13         <input type="text" id="lastname" name="lastname"></p>
14 
15         <button type="submit" name="form" value="http://www.mamicode.com/submit">Go</button>    //按钮标签
16 
17     </form>
18 
19     <br />
20     <?php
21 
22     if(isset($_GET["firstname"]) && isset($_GET["lastname"]))                   //以GET方式获取表单传递的firstname和lastname,isset检测是否存在
23     {   
24 
25         $firstname = $_GET["firstname"];                                        //接受参数
26         $lastname = $_GET["lastname"];    
27 
28         if($firstname == "" or $lastname == "")                               //如果其中一个为空,显示下边内容 
29         {
30 
31             echo "<font color=\"red\">Please enter both fields...</font>";       
32 
33         }
34 
35         else            
36         { 
37 
38             echo "Welcome " . htmli($firstname) . " " . htmli($lastname);   //没有任何过滤,直接展示出来
39 
40         }
41 
42     }
43 
44     ?>
45 
46 </div>

可以<script>标签加入xss

 

bWAPP--low--HTML Injection - Reflected (GET)